CVE-2021-22011
published 2021-09-23CVE-2021-22011: vCenter Server contains an unauthenticated API endpoint vulnerability in vCenter Server Content Library. A malicious actor with network access to port 443 on…
medium5.3CVSS 3.1
AVNACLPRNUINSUCNILAN
vCenter Server contains an unauthenticated API endpoint vulnerability in vCenter Server Content Library. A malicious actor with network access to port 443 on vCenter Server may exploit this issue to perform unauthenticated VM network setting manipulation.
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| vmware | cloud_foundation | >= 3.0 < 5.0 | 5.0 |
| vmware | vcenter_server | — | — |
| vmware | vcenter_server | — | — |
| vmware | vcenter_server | — | — |